Professional Documents
Culture Documents
SECURITY - LEVELS
Site security
Services security (FTP, Http etc)
Transaction security
VULNERABILITY
It is a bug, flaw, behavior, output, outcome or
event within an application, system, device or
service that could lead to a failure of security.
VULNERABILITIES
Flaws in protocols
Weakness in implementing protocols
No check on data content and size
No check on success or failure
Inability to adapt to resource exhaustion
Incomplete checking of operating environment
Re use of modules for purposes other than what was
intended
Race conditions in file access
Firmware loopholes
Badly configured network
Access control
Non-existent access lists
THE THREATS
Malware
- Virus
- Worms
- Trojan Horse
- Keyloggers
Hacking
Spoofing
ARP (Address Resolution Protocol) spoofing
IP spoofing
DNS spoofing
Sniffing
DoS (Denial of Service)
Botnet (use of zombies)
Identity Theft
Phishing accessing user names, passwords etc
by a bogus site
Evil Twins Type of wireless phishing. Uses the
hotspots of WiFi connections
Steganography -